The present invention relates to a technique of managing policy rules.
Japanese Non-examined Patent Laid-open No. 2003-095139 (hereinafter referred to as Patent Document 1) describes an intrusion detection and management system that detects a change in a network configuration and distributes an unauthorized access detection policy to a device that has been added or changed by the configuration change. Further, Non-examined Patent Laid-open No. 2001-257718 (hereinafter referred to as Patent Document 2) describes a multicast method that manages multicast routing information in a centralized manner, detects a change in a configuration of a network and notifies the configuration change to network apparatuses to which a routing information change notification should be sent.
When there is a change in a configuration of a system to which policy rules are applied, sometimes conflicts occur and cause a system failure unless the policy rules are changed also. Policy rules are rules each prescribing an operation (a coping operation) to be performed when a certain event occurs.
For example, it is assumed that, in a system where a certain work is performed using an application server and a database server, processing in the application server is a bottleneck. Further, it is assumed that there is a policy rule that an application server is added when a response time of the certain work exceeds a threshold. When the current application server is upgraded to a high performance server, then the database server becomes a bottleneck this time. As a result, it is necessary to modify (change) the policy rule to one matching with the changed system configuration. The above-cited Patent Documents 1 and 2 do not consider modification of policy rules.
The present invention has been made taking the above situation into consideration. And, an object of the present invention is to prevent a failure to modify a policy rule that should be modified in accordance with a change in a configuration of a system.